Shortcut exploits have made the news in malware circles this month. After Stuxnet first used them, it wasn't long before other malware started exploiting the zero-day vulnerability - Sality is among their numbers. The authors of the Sality family added Read more…

There's more bad news for those troubled by the Microsoft zero-day vulnerability that allows a Windows shortcut link, known as an .LNK file, to run malicious code whenever Windows displays their icon. The Shortcut exploit is well known to be Read more…

In case you've missed the big security story of the past few days, it's all about the Stuxnet malware, which brought to the world's attention a rather naughty bug in Windows – the "CPLINK shortcut vulnerability", or just CPLINK for Read more…

If you were in charge of some critical infrastructure (such as a power plant or manufacturing facility) and there was some malware which exploited a zero-day vulnerability in Windows which targeted your systems you might be pretty concerned, right? In Read more…

I have spent the last three days looking at how we can best protect ourselves against the latest Windows zero day vulnerability, aside from running up to date anti-virus software. We have named this exploit CPLINK within SophosLabs referring to Read more…